The news about Equifax’s data breach, and the long line of data thefts in the years before, was very much on everyone’s mind. Knowing my focus on cybersecurity investments, someone asked me: Why does it keep happening?
I’ll focus on one out-of-the-way industry – overseas shipping – for an explanation.
A “Fingers Crossed” Cybersecurity Plan
According to the BBC, a private security firm named CyberKeel launched three years ago with the idea of bringing a higher level of awareness about viruses and data theft. The answer from big shipping companies, according to CyberKeel’s senior partner, was: Don’t waste your time. We’re pretty safe. There’s no need.
That’s typical. Hack attacks are like recessions – they’re not real until one happens to you.
It turns out one shipper had a virus in its computer system that added a hacker’s bank account number each time the shipping company’s suppliers requested electronic payment.
The hack extracted several million dollars, according to CyberKeel, before the shipper realized why its suppliers weren’t getting paid.
The final straw was the NotPetya ransomware attack this summer. The giant Danish shipping firm Maersk recently said the hack forced it to halt operations at 76 of its ocean terminals around the world, causing $300 million worth of disruptions to its business.
Maersk’s CEO told the Financial Times that the attack was so damaging “we ended up having to use WhatsApp on our private phones [to communicate]. It was, frankly, quite a shocking experience.”
The point is, huge cyberhacks keep happening when computer security isn’t a top priority for a company.
It’s also a key reason why cybersecurity stocks will continue to be huge winners for years to come.
The big challenge – even now – is getting companies to take the threat seriously.
If we own a physical business, a home or a car, security is always a priority, right? We make sure we have strong locks on the doors.
It doesn’t prevent a break-in, of course. But a good lock, fortified doors and unbreakable windows sure make the thieves’ job a lot harder.
We pull on the door handle a couple times just to make sure the deadbolt is set. We tell our employees and children to make sure to lock the doors when they leave.
Why It’s “Game On” for Cybersecurity Stocks
Yet – just taking the shipping industry as one example – most companies do no such thing. Ocean shipping today is highly dependent on onboard computers and automation. That’s why vessels that once needed crews of dozens in decades past can now be operated with as few as 13 people.
And yet, when a British consulting firm surveyed 2,500 merchant seamen about at-sea cybersecurity, they found:
- Forty percent of ships’ officers said they had sailed on a vessel infected with a computer virus or malware.
- Eighty-seven percent of ships’ crews had no cybersecurity training.
- It takes an average of 146 days to detect a shipboard data breach.
- Seventy percent of shipboard data breaches go undetected.
Surveys like the one above demonstrate why cybersecurity stocks will continue to ride the wave of spending in this sector, as business after business, and industry after industry, wakes up to the threat.